VIVOTEK

IEEE 802�1x Advanced Mode

Enable this function if your network environment uses IEEE 802�1x, which is a port-based network access control� The network devices, intermediary switch/access point/hub, and RADIUS server must support and enable 802�1x settings�

The 802�1x standard is designed to enhance the security of local area networks, which provides authentication to network devices (clients) attached to a network port (wired or wireless). If all certificates between client and server are verified, a point-to-point connection will be enabled; if authentication fails, access on that port will be prohibited� 802�1x utilizes an existing protocol, the Extensible Authentication Protocol (EAP), to facilitate communication�

The components of a protected network with 802�1x authentication:

Supplicant

Authenticator

Authentication Server

(Network Camera)

(Network Switch)

(RADIUS Server)

1� Supplicant: A client end user (camera), which requests authentication�

2� Authenticator (an access point or a switch): A “go between” which restricts unauthorized end users from communicating with the authentication server�

3� Authentication server (usually a RADIUS server): Checks the client certificate and decides whether to

accept the end user’s access request�

VIVOTEK Network Cameras support two types of EAP methods to perform authentication: EAP-PEAP and EAP-TLS

Please follow the steps below to enable 802�1x settings:

1� Before connecting the Network Camera to the protected network with 802�1x, please apply a digital certificate from a Certificate Authority (ie. MIS of your company) which can be validated by a RADIUS server�

2� Connect the Network Camera to a PC or notebook outside of the protected LAN� Open the configuration page of the Network Camera as shown below. Select EAP-PEAPor EAP-TLSas the EAP method� In the following blanks, enter your ID and password issued by the CA, then upload related certificate(s).

User's Manual - 43